JaffaCakes118_72091eba11bf04f6b0bdce63b3a83d29

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_72091eba11bf04f6b0bdce63b3a83d29
Size

180KB
MD5

72091eba11bf04f6b0bdce63b3a83d29
SHA1

b397dcc04eab938ec49d2e7830cabf94ac7bb289
SHA256

0b7c159fd30910bccbb940431096f801d949831de5cf74d3fa26a4b4857b25ae
SHA512

95e426da8a687ee3baccfd6884e1519a26cc6a336a4b21189d1d6450a9324438aaf80f46f13f3312eafeaafad625eae290a11a4aa75a567a0a0f1272ce92b9c1
SSDEEP

3072:6CJ9hL38oNg7mrC3vUIgZxu9/ZNR33/2U7vvosyJqN:6CJ9J3n3W3ngZxE3/DN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_72091eba11bf04f6b0bdce63b3a83d29

Files

JaffaCakes118_72091eba11bf04f6b0bdce63b3a83d29
.exe windows:4 windows x86 arch:x86

010ea2fc28837c7304e99a7dd6360657

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
Sleep
GetLocalTime
GetVersion
FindClose
EnumResourceNamesA
GetWindowsDirectoryA
ExitProcess
InterlockedExchange
FindFirstFileA

user32

IsWindow
GetDlgItem
ReleaseCapture
GetWindowInfo
GetSysColor
SetWindowPos
ReleaseDC
MoveWindow
SetCursor
LoadCursorA
FillRect
SetWindowLongA
GetDC
GetWindowLongA
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

winmm

mciSendCommandA
sndPlaySoundA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

advapi32

RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

gdi32

DeleteMetaFile
SaveDC
SetTextColor
BitBlt
Rectangle
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
GetStockObject
GetDeviceCaps
CreateFontIndirectA
CreateCompatibleDC
EnumFontFamiliesExA
CreateRectRgn
TextOutA
SetBkMode
RestoreDC
DeleteDC
SelectObject
GetObjectA
CreateCompatibleBitmap

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010ea2fc28837c7304e99a7dd6360657

Headers

File Characteristics

Imports

kernel32

user32

oleacc

shell32

winmm

ole32

advapi32

gdi32

version

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 76KB